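// NOTE(review): multer is constructed with no options here, so uploads are
// buffered in memory and no `limits` (e.g. `fileSize`, `files`) are set in
// this file. Confirm a size cap is enforced elsewhere (reverse proxy, body
// limits) or pass `limits` when constructing multer.
const multer = require("multer")();
const auth = require("../util/auth");
const adminz = require("../util/adminz");
const middleware = require("../util/middleware");
const util = require("../util/util");
const db = require("../db");
const bucky = require("./bucky");
const privacy = require("./privacy");
const search = require("../search/middleware");
const fortune = require("../db/fortune");

module.exports = { route };

/**
 * Register the JSON API routes on an Express application.
 *
 * Every route is a chain of middleware that runs in the order listed, so the
 * position of each check relative to the work after it is what enforces
 * access control. The usual shape is: authenticate -> load the target
 * resource onto `res` -> privacy/role check -> mutate or collect data ->
 * respond. Keep that order when adding or editing a chain.
 *
 * Finishes by delegating to `auth.route(app)` and `adminz.route(app)`.
 *
 * @param {object} app - Express application (or router) to attach routes to.
 * @returns {void}
 */
function route(app) {
  /* users */
  app.get(
    "/api/user/:username",
    middleware.ensureAuthenticated,
    bucky.ensureUser,
    bucky.sanitizeUser,
    (req, res) => {
      res.json(res.user);
    }
  );
  // The privacy check is placed ahead of multer, so the multipart body is
  // only parsed after that check has passed control on.
  app.post(
    "/api/user/:username",
    middleware.ensureAuthenticated,
    bucky.ensureUser,
    privacy.checkUserPrivacy,
    multer.single("avatar"),
    bucky.updateProfile,
    auth.changePassword,
    bucky.uploadAvatar,
    bucky.saveUser,
    (req, res) => {
      // Sanitized explicitly here because this chain has no bucky.sanitizeUser step.
      res.json(util.sanitizeUser(res.user));
    }
  );
  app.get(
    "/api/users",
    middleware.ensureAuthenticated,
    bucky.ensureUserlist,
    bucky.ensureUserThreadCounts,
    bucky.ensureUserFileCounts,
    bucky.ensureUserCommentCounts,
    bucky.ensureUserStatistics,
    (req, res) => {
      res.json({
        users: res.users,
        userStats: res.userStats,
      });
    }
  );
  app.get(
    "/api/profile/:username",
    middleware.ensureAuthenticated,
    bucky.ensureUser,
    bucky.sanitizeUser,
    bucky.ensureThreadsForUser,
    // bucky.ensureTopThreadsForUser,
    // bucky.ensureCommentsForUser,
    bucky.ensureFilesForUser,
    (req, res) => {
      res.json({
        user: res.user,
        threads: res.threads,
        // topThreads: res.topThreads,
        files: res.files,
        // comments: res.comments,
      });
    }
  );
  app.put(
    "/api/checkUsernames",
    middleware.ensureAuthenticated,
    bucky.checkUsernames,
    (req, res) => {
      res.send({ usernames: res.usernames });
    }
  );

  /* threads */
  // NOTE(review): on /api/index, /api/stream, POST /api/keyword/new and the
  // first GET /api/keyword/:keyword, bucky.ensureLastlog is listed before
  // middleware.ensureAuthenticated, so it runs for unauthenticated requests
  // as well. Confirm that is intended; otherwise authenticate first.
  app.get(
    "/api/index",
    bucky.ensureLastlog,
    middleware.ensureAuthenticated,
    bucky.ensureLatestThreads,
    privacy.filterPrivateThreads,
    bucky.ensureCommentCountsForThreads,
    bucky.ensureFileCountsForThreads,
    bucky.ensureKeywordsForThreads,
    bucky.ensureHootbox,
    bucky.bumpLastSeen,
    bucky.checkMail,
    (req, res) => {
      res.json({
        threads: res.threads,
        hootstream: res.hootstream,
        hootbox: res.hootbox,
        lastlog: res.lastlog,
        mail: res.mail,
      });
    }
  );
  app.get(
    "/api/stream",
    bucky.ensureLastlog,
    middleware.ensureAuthenticated,
    // bucky.ensureLatestThreads,
    bucky.ensureHootbox,
    bucky.ensureHootstream,
    privacy.filterPrivateThreads,
    bucky.ensureCommentCountsForThreads,
    bucky.ensureFileCountsForThreads,
    bucky.ensureKeywordsForThreads,
    bucky.bumpLastSeen,
    bucky.checkMail,
    (req, res) => {
      res.json({
        query: res.query,
        threads: res.threads,
        files: res.files,
        comments: res.comments,
        hootbox: res.hootbox,
        lastlog: res.lastlog,
        mail: res.mail,
      });
    }
  );
  app.post(
    "/api/keyword/new",
    bucky.ensureLastlog,
    middleware.ensureAuthenticated,
    bucky.createKeyword,
    (req, res) => {
      res.json({ keyword: res.keyword });
    }
  );
  app.get(
    "/api/keyword/:keyword",
    bucky.ensureLastlog,
    middleware.ensureAuthenticated,
    bucky.ensureThreadsForKeyword,
    privacy.filterPrivateThreads,
    bucky.ensureCommentCountsForThreads,
    bucky.ensureFileCountsForThreads,
    bucky.ensureKeywordsForThreads,
    bucky.ensureHootbox,
    bucky.checkMail,
    (req, res) => {
      res.json({
        keyword: res.keyword,
        threads: res.threads,
        hootbox: res.hootbox,
        lastlog: res.lastlog,
        mail: res.mail,
      });
    }
  );
  app.get(
    "/api/thread/:id",
    middleware.ensureAuthenticated,
    bucky.ensureThread,
    privacy.checkThreadPrivacy,
    bucky.bumpViewCount,
    bucky.ensureKeywordForThread,
    bucky.ensureCommentsForThread,
    bucky.ensureFilesForThread,
    // bucky.ensureThreadUsers,
    bucky.prepareThread,
    bucky.bumpLastSeen,
    (req, res) => {
      res.json({
        thread: res.thread,
        comments: res.comments,
        files: res.files,
        keyword: res.keyword,
      });
    }
  );
  app.post(
    "/api/thread",
    middleware.ensureAuthenticated,
    multer.array("files"),
    bucky.verifyFilesOrComment,
    bucky.createThread,
    bucky.createOptionalFiles,
    bucky.createOptionalComment,
    (req, res) => {
      res.json(res.thread);
    }
  );
  // NOTE(review): update and delete rely on privacy.checkThreadPrivacy as
  // their only authorization step in this file; confirm it enforces write
  // permission (owner/admin) and not just read access.
  app.put(
    "/api/thread/:id",
    middleware.ensureAuthenticated,
    bucky.ensureThread,
    privacy.checkThreadPrivacy,
    bucky.updateThreadSettings,
    (req, res) => {
      res.json({ status: "ok" });
    }
  );
  app.delete(
    "/api/thread/:id",
    middleware.ensureAuthenticated,
    bucky.ensureThread,
    privacy.checkThreadPrivacy,
    bucky.ensureCommentsForThread,
    bucky.ensureFilesForThread,
    bucky.destroyThread,
    (req, res) => {
      res.send({ status: "ok" });
    }
  );
  // NOTE(review): this route appears to change state (buryThread) but is
  // registered for GET. If sessions are cookie-based, GET requests are
  // typically not covered by CSRF protection; consider moving it to
  // POST/PUT together with the client.
  app.get(
    "/api/thread/:id/bury",
    middleware.ensureAuthenticated,
    bucky.ensureThread,
    privacy.checkThreadPrivacy,
    bucky.buryThread,
    (req, res) => {
      res.json({
        thread: res.thread,
      });
    }
  );

  /* comments */
  // one endpoint handles comments + files
  app.post(
    "/api/thread/:id/comment",
    middleware.ensureAuthenticated,
    bucky.ensureThread,
    privacy.checkThreadPrivacy,
    multer.array("files"),
    bucky.verifyFilesOrComment,
    bucky.createOptionalFiles,
    bucky.createOptionalComment,
    bucky.bumpThreadRevisions,
    (req, res) => {
      res.json({
        comment: res.comment,
        files: res.files,
      });
    }
  );
  // NOTE(review): unlike the PUT/DELETE comment routes, this chain has no
  // privacy.* step between ensureComment and the response. Confirm that
  // bucky.ensureComment itself restricts comments belonging to private
  // threads; otherwise add a privacy check before responding.
  app.get(
    "/api/comment/:id",
    middleware.ensureAuthenticated,
    bucky.ensureComment,
    (req, res) => {
      res.json({ comment: res.comment });
    }
  );
  // edit a comment
  app.put(
    "/api/comment/:id",
    middleware.ensureAuthenticated,
    bucky.ensureComment,
    privacy.checkCommentPrivacy,
    bucky.ensureCommentThread,
    bucky.updateComment,
    bucky.bumpThreadRevisions,
    (req, res) => {
      res.json({ comment: res.comment });
    }
  );
  // move a file to another thread
  // NOTE(review): admin-only, but state-changing over GET; the CSRF concern
  // noted on /api/thread/:id/bury applies here and to the comment move below.
  app.get(
    "/api/file/:id/move/:thread_id",
    middleware.ensureAuthenticated,
    privacy.checkIsAdmin,
    bucky.ensureFile,
    bucky.ensureThreadById,
    bucky.moveFile,
    (req, res) => {
      res.json({ file: res.file });
    }
  );
  // move a comment to another thread
  app.get(
    "/api/comment/:id/move/:thread_id",
    middleware.ensureAuthenticated,
    privacy.checkIsAdmin,
    bucky.ensureComment,
    bucky.ensureThreadById,
    bucky.moveComment,
    (req, res) => {
      res.json({ comment: res.comment });
    }
  );
  // delete a comment
  app.delete(
    "/api/comment/:id",
    middleware.ensureAuthenticated,
    bucky.ensureComment,
    privacy.checkCommentPrivacy,
    bucky.destroyComment,
    (req, res) => {
      res.send({ status: "ok" });
    }
  );
  // delete a file
  app.delete(
    "/api/file/:id",
    middleware.ensureAuthenticated,
    bucky.ensureFile,
    privacy.checkFilePrivacy,
    bucky.destroyFile,
    (req, res) => {
      res.send({ status: "ok" });
    }
  );

  /* search */
  // NOTE(review): no privacy.* filter appears in this chain; confirm the
  // search middleware excludes private threads, comments and files itself.
  app.get(
    "/api/search",
    middleware.ensureAuthenticated,
    search.search,
    search.getThreads,
    search.getComments,
    search.getFiles,
    search.logQuery,
    search.success
  );
  // NOTE(review): admin-only index rebuild exposed over GET; same CSRF
  // consideration as the other state-changing GET routes in this file.
  app.get(
    "/api/search/build",
    middleware.ensureAuthenticated,
    privacy.checkIsAdmin,
    search.rebuild
  );

  /* keywords */
  app.get(
    "/api/keywords",
    middleware.ensureAuthenticated,
    bucky.ensureKeywords,
    (req, res) => {
      res.json({
        keywords: res.keywords,
      });
    }
  );
  app.get(
    "/api/keywords/statistics",
    middleware.ensureAuthenticated,
    bucky.ensureKeywords,
    bucky.ensureThreadGroups,
    bucky.ensureLatestKeywordThreads,
    (req, res) => {
      res.json({
        keywords: res.keywords,
        threads: res.threads,
        threadGroups: res.threadGroups,
      });
    }
  );
  // NOTE(review): GET /api/keyword/:keyword is already registered in the
  // threads section, and that earlier chain ends by sending a response. This
  // chain, the only one of the two that includes bucky.ensureKeyword, is
  // therefore reached only if the earlier one passes control with
  // next("route"). Confirm which chain is intended and drop the other.
  app.get(
    "/api/keyword/:keyword",
    middleware.ensureAuthenticated,
    bucky.ensureKeyword,
    bucky.ensureThreadsForKeyword,
    privacy.filterPrivateThreads,
    bucky.ensureCommentCountsForThreads,
    bucky.ensureFileCountsForThreads,
    bucky.ensureKeywordsForThreads,
    (req, res) => {
      res.json({
        keyword: res.keyword,
        threads: res.threads,
      });
    }
  );
  // app.get("/api/keyword/:keyword/full",
  //   middleware.ensureAuthenticated,
  //   bucky.ensureKeyword,
  //   bucky.ensureThreadsForKeyword,
  //   privacy.filterPrivateThreads,
  //   bucky.ensureFilesForThreads,
  //   bucky.ensureCommentsForThreads,
  //   function(req, res){
  //     res.json({
  //       keyword: res.keyword,
  //       threads: res.threads,
  //     })
  //   })

  /* mail */
  // NOTE(review): the mail routes have no privacy.* step; presumably
  // bucky.ensureMessages / bucky.ensureMessage scope lookups to req.user.
  // Verify that a message id belonging to another user is rejected.
  app.get(
    "/api/mailbox/:box",
    middleware.ensureAuthenticated,
    bucky.ensureMailboxes,
    bucky.ensureMailboxCounts,
    bucky.ensureMessages,
    (req, res) => {
      res.json({
        // Only id and username are exposed, not the whole user record.
        user: { id: req.user.get("id"), username: req.user.get("username") },
        messages: res.messages,
        boxes: res.boxes,
        query: res.query,
      });
    }
  );
  app.get(
    "/api/message/:id",
    middleware.ensureAuthenticated,
    bucky.ensureMessage,
    bucky.markMessageUnread,
    (req, res) => {
      res.json({
        message: res.message,
      });
    }
  );
  app.post(
    "/api/mail/send",
    middleware.ensureAuthenticated,
    bucky.ensureRecipient,
    bucky.sendMessage,
    bucky.deleteDraft,
    (req, res) => {
      res.json({ status: "ok" });
    }
  );
  app.delete(
    "/api/message/:id",
    middleware.ensureAuthenticated,
    bucky.ensureMessage,
    bucky.destroyMessage,
    (req, res) => {
      res.json({ status: "ok" });
    }
  );

  auth.route(app);
  adminz.route(app);
}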